TAC allows publishing VPN service as an application to end users where they can connect to their corporate network securely. When publishing VPN, users will be prompted to install TAC Client Services component in to their computer in order for VPN to work.
Before publishing VPN, you need to allocate IP addresses for VPN clients. To do this, open VPN setup window by going to VPN under Configuration Menu. This will open VPN Setup window. You can assign Static IP address range by selecting "Use static address pool" under the IP Address tab. Click Add to add the IP address range that VPN clients will use. Otherwise, select Use DHCP to issue IP addresses automatically using your internal DHCP server.
If the administrator defines the IP address range for VPN clients which are not part of any of the subnets that are directly connected to TAC Gateway, the administrator is required to do proper routing to advertise and reach VPN client subnet from internal network and vice versa.
In addition, TAC supports custom routes deployed on client after VPN connection is established. These custom routes can be defined when you publish the VPN service in TAC in order for clients to be able to connect to specific resources using custom routes. These custom routes help in connecting discontinued networks/subnets from the client end. Once VPN is disconnected, those routes are also wiped out from the client computer.
To publish VPN service, do the following:
- Click on Add under the applications section of your TAC site
- Select Client/Server and then Select VPN Access from the dropdown menu
- On Add Application wizard
- Enter application name, click Next
- Add additional network routes on client (optional). These routes must be in one of the following formats:
IP/Subnet (“10.0.0.0/255.255.255.0”). Routes will be added using VPN server’s IP as the gateway.
IP/Subnet Gateway_IP (“10.0.0.0/255.255.255.0 10.1.1.1”).
To insert a new entry, hit Insert key. To remove entry, hit >Delete key. To modify entry, double click it. To finish modification, hit Enter key.
- Click Next
- Select Authentication properties under Authentication, click Next
- Select Authorization and Access Policy under Security, click Next
- Configure and verify portal link settings, click Next
- Click Finish
This will add VPN service as an application to publish under Applications.